From 6ccfdc9d11c6f4c9a72b792d785cf48f4cfb1f14 Mon Sep 17 00:00:00 2001
From: Kelsi
Date: Sat, 14 Mar 2026 13:51:37 -0700
Subject: [PATCH] fix(combatlog): validate packed GUID bounds in spell damage/heal logs
---
 src/game/world_packets.cpp | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/src/game/world_packets.cpp b/src/game/world_packets.cpp
index 616e9633..71252846 100644
--- a/src/game/world_packets.cpp
+++ b/src/game/world_packets.cpp
@@ -3427,7 +3427,15 @@ bool SpellDamageLogParser::parse(network::Packet& packet, SpellDamageLogData& da
 if (packet.getSize() - packet.getReadPos() < 30) return false;
 size_t startPos = packet.getReadPos();
+ if (!hasFullPackedGuid(packet)) {
+ packet.setReadPos(startPos);
+ return false;
+ }
 data.targetGuid = UpdateObjectParser::readPackedGuid(packet);
+ if (!hasFullPackedGuid(packet)) {
+ packet.setReadPos(startPos);
+ return false;
+ }
 data.attackerGuid = UpdateObjectParser::readPackedGuid(packet);
 // Validate core fields (spellId + damage + overkill + schoolMask + absorbed + resisted = 21 bytes)
@@ -3469,7 +3477,15 @@ bool SpellHealLogParser::parse(network::Packet& packet, SpellHealLogData& data)
 if (packet.getSize() - packet.getReadPos() < 21) return false;
 size_t startPos = packet.getReadPos();
+ if (!hasFullPackedGuid(packet)) {
+ packet.setReadPos(startPos);
+ return false;
+ }
 data.targetGuid = UpdateObjectParser::readPackedGuid(packet);
+ if (!hasFullPackedGuid(packet)) {
+ packet.setReadPos(startPos);
+ return false;
+ }
 data.casterGuid = UpdateObjectParser::readPackedGuid(packet);
 // Validate remaining fields (spellId + heal + overheal + absorbed + critFlag = 17 bytes)
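Review bot: The minimum-size test that gates the new guards, `packet.getSize() - packet.getReadPos() < 30`, looks like an unsigned subtraction (the cursor is stored in a `size_t`), so if the read position can ever sit past the end of the buffer the difference wraps to a large value and parsing continues on server-supplied data. The heal-log hunk has the same pattern with `< 21`. Whether Packet guarantees readPos <= size is not visible in this diff, so I would make the test explicit: `if (packet.getReadPos() > packet.getSize() || packet.getSize() - packet.getReadPos() < 30) return false;`. Assuming a packed GUID is one mask byte plus at most eight bytes, two of them always fit once 30 (or 21) bytes are known to remain, so the added hasFullPackedGuid branches appear reachable only in that wrap case; a comment marking them as defence in depth would help. The body of parse starts and ends outside the hunk.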
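Review bot: The four-line guard-and-rewind sequence now appears four times across SpellHealLogParser::parse and SpellDamageLogParser::parse, with the bounds check and the read it protects as separate statements that a later edit could pull apart. A file-local helper that performs the check and the read together keeps them paired and leaves one rewind per parser. In the first guard of each function the `packet.setReadPos(startPos)` is a no-op if hasFullPackedGuid only peeks, since nothing has been consumed at that point. When the second guard fails, data.targetGuid has already been overwritten, so the helper's comment should state that callers must ignore `data` when parse returns false. The function body starts and ends outside the hunk.

```cpp
// Proposed file-local helper (name is a suggestion), placed after hasFullPackedGuid is declared.
// Reads a packed GUID only when hasFullPackedGuid() reports it is fully present in the packet.
template <typename Guid>
static bool readPackedGuidChecked(network::Packet& packet, Guid& out) {
    if (!hasFullPackedGuid(packet)) return false;
    out = UpdateObjectParser::readPackedGuid(packet);
    return true;
}

// in SpellHealLogParser::parse, replacing both guard/read pairs
size_t startPos = packet.getReadPos();
if (!readPackedGuidChecked(packet, data.targetGuid) ||
    !readPackedGuidChecked(packet, data.casterGuid)) {
    packet.setReadPos(startPos);  // data may be partially written; callers ignore it on false
    return false;
}
// … unchanged: remaining-field validation and reads …
```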